package org.geoserver.security.web;

import java.io.IOException;
import java.io.Serializable;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import org.apache.wicket.ajax.AbstractDefaultAjaxBehavior;
import org.apache.wicket.behavior.AbstractAjaxBehavior;
import org.apache.wicket.extensions.ajax.markup.html.modal.ModalWindow;
import org.apache.wicket.markup.repeater.Item;
import org.geoserver.catalog.Catalog;
import org.geoserver.catalog.CatalogBuilder;
import org.geoserver.catalog.LayerGroupInfo;
import org.geoserver.catalog.LayerInfo;
import org.geoserver.data.test.MockData;
import org.geoserver.data.test.SystemTestData;
import org.geoserver.security.AccessMode;
import org.geoserver.security.GeoServerRoleService;
import org.geoserver.security.GeoServerRoleStore;
import org.geoserver.security.GeoServerSecurityManager;
import org.geoserver.security.GeoServerUserGroupService;
import org.geoserver.security.GeoServerUserGroupStore;
import org.geoserver.security.auth.UsernamePasswordAuthenticationProvider;
import org.geoserver.security.config.SecurityManagerConfig;
import org.geoserver.security.config.SecurityNamedServiceConfig;
import org.geoserver.security.config.UsernamePasswordAuthenticationProviderConfig;
import org.geoserver.security.config.impl.MemoryRoleServiceConfigImpl;
import org.geoserver.security.config.impl.MemoryUserGroupServiceConfigImpl;
import org.geoserver.security.impl.AbstractRoleServiceTest;
import org.geoserver.security.impl.AbstractUserGroupServiceTest;
import org.geoserver.security.impl.DataAccessRule;
import org.geoserver.security.impl.DataAccessRuleDAO;
import org.geoserver.security.impl.GeoServerRole;
import org.geoserver.security.impl.MemoryRoleStore;
import org.geoserver.security.impl.MemoryUserGroupStore;
import org.geoserver.security.impl.ReadOnlyRoleService;
import org.geoserver.security.impl.ReadOnlyUGService;
import org.geoserver.security.impl.ServiceAccessRule;
import org.geoserver.security.impl.ServiceAccessRuleDAO;
import org.geoserver.security.password.GeoServerDigestPasswordEncoder;
import org.geoserver.security.password.GeoServerPBEPasswordEncoder;
import org.geoserver.security.password.GeoServerPlainTextPasswordEncoder;
import org.geoserver.security.xml.XMLRoleServiceTest;
import org.geoserver.security.xml.XMLUserGroupServiceTest;
import org.geoserver.web.GeoServerApplication;
import org.geoserver.web.GeoServerWicketTestSupport;
import org.junit.Before;

/* loaded from: input_file:org/geoserver/security/web/AbstractSecurityWicketTestSupport.class */
public abstract class AbstractSecurityWicketTestSupport extends GeoServerWicketTestSupport {
    protected static final String NATURE_GROUP = "nature";
    protected static final String CITE_NATURE_GROUP = "citeNature";
    protected AbstractRoleServiceTest gaTest;
    protected AbstractUserGroupServiceTest ugTest;
    protected GeoServerUserGroupService ugService;
    protected GeoServerRoleService gaService;
    protected GeoServerRoleStore gaStore;
    protected GeoServerUserGroupStore ugStore;

    public String getRoleServiceName() {
        return "test";
    }

    public String getUserGroupServiceName() {
        return "test";
    }

    protected void setUpSpring(List<String> list) {
        super.setUpSpring(list);
        list.add("classpath*:/applicationTestContext.xml");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void onSetUp(SystemTestData systemTestData) throws Exception {
        super.onSetUp(systemTestData);
        Catalog catalog = getCatalog();
        LayerInfo layerByName = catalog.getLayerByName(getLayerId(MockData.LAKES));
        LayerInfo layerByName2 = catalog.getLayerByName(getLayerId(MockData.FORESTS));
        if (layerByName == null || layerByName2 == null) {
            return;
        }
        catalog.add(buildGroup(NATURE_GROUP, layerByName, layerByName2));
        LayerGroupInfo buildGroup = buildGroup(CITE_NATURE_GROUP, layerByName, layerByName2);
        buildGroup.setWorkspace(catalog.getWorkspaceByName(MockData.CITE_PREFIX));
        catalog.add(buildGroup);
    }

    private LayerGroupInfo buildGroup(String str, LayerInfo... layerInfoArr) throws Exception {
        Catalog catalog = getCatalog();
        LayerGroupInfo createLayerGroup = catalog.getFactory().createLayerGroup();
        createLayerGroup.setName(str);
        for (LayerInfo layerInfo : layerInfoArr) {
            createLayerGroup.getLayers().add(layerInfo);
        }
        new CatalogBuilder(catalog).calculateLayerGroupBounds(createLayerGroup);
        return createLayerGroup;
    }

    @Before
    public void setUp() throws Exception {
        login();
        Locale.setDefault(Locale.ENGLISH);
        SecurityManagerConfig securityConfig = getSecurityManager().getSecurityConfig();
        securityConfig.setEncryptingUrlParams(true);
        getSecurityManager().saveSecurityConfig(securityConfig);
    }

    protected void initialize(AbstractUserGroupServiceTest abstractUserGroupServiceTest, AbstractRoleServiceTest abstractRoleServiceTest) throws Exception {
        this.ugTest = abstractUserGroupServiceTest;
        this.gaTest = abstractRoleServiceTest;
        this.gaService = abstractRoleServiceTest.createRoleService(getRoleServiceName());
        getSecurityManager().setActiveRoleService(this.gaService);
        this.ugService = abstractUserGroupServiceTest.createUserGroupService(getUserGroupServiceName());
        this.gaStore = abstractRoleServiceTest.createStore(this.gaService);
        this.ugStore = abstractUserGroupServiceTest.createStore(this.ugService);
        initializeServiceRules();
        initializeDataAccessRules();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void initializeForXML() throws Exception {
        initialize(new XMLUserGroupServiceTest(), new XMLRoleServiceTest());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void addAdditonalData() throws Exception {
        this.gaStore.associateRoleToGroup(this.gaStore.getRoleByName("ROLE_WMS"), "group1");
        this.gaStore.associateRoleToGroup(this.gaStore.getRoleByName("ROLE_WFS"), "group1");
        this.gaStore.store();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void insertValues() throws Exception {
        this.gaTest.insertValues(this.gaStore);
        this.gaStore.store();
        this.ugTest.insertValues(this.ugStore);
        this.ugStore.store();
    }

    protected void modifyValues() throws Exception {
        this.gaTest.modifyValues(this.gaStore);
        this.gaStore.store();
        this.ugTest.modifyValues(this.ugStore);
        this.ugStore.store();
    }

    protected void removeValues() throws IOException {
        if (this.gaStore != null) {
            this.gaTest.removeValues(this.gaStore);
            this.gaStore.store();
        }
        if (this.ugStore != null) {
            this.ugTest.removeValues(this.ugStore);
            this.ugStore.store();
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void clearServices() throws IOException {
        if (this.gaStore != null) {
            this.gaStore.clear();
            this.gaStore.store();
        }
        if (this.ugStore != null) {
            this.ugStore.clear();
            this.ugStore.store();
        }
    }

    public String getRORoleServiceName() {
        return "ReadOnlyRoleService";
    }

    public String getROUserGroupServiceName() {
        return "ReadOnlyUGService";
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void activateRORoleService() throws Exception {
        MemoryRoleServiceConfigImpl memoryRoleServiceConfigImpl = new MemoryRoleServiceConfigImpl();
        memoryRoleServiceConfigImpl.setName(getRORoleServiceName());
        memoryRoleServiceConfigImpl.setClassName(ReadOnlyRoleService.class.getName());
        getSecurityManager().saveRoleService(memoryRoleServiceConfigImpl);
        this.gaService = getSecurityManager().loadRoleService(getRORoleServiceName());
        this.gaService.initializeFromConfig(memoryRoleServiceConfigImpl);
        this.gaService.setSecurityManager(GeoServerApplication.get().getSecurityManager());
        this.gaStore = new MemoryRoleStore();
        this.gaStore.initializeFromService(this.gaService);
        this.gaTest.insertValues(this.gaStore);
        this.gaStore.store();
        getSecurityManager().setActiveRoleService(this.gaService);
        this.gaStore = null;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void deactivateRORoleService() throws Exception {
        GeoServerSecurityManager securityManager = getSecurityManager();
        if (securityManager.listRoleServices().contains(getRORoleServiceName())) {
            securityManager.removeRoleService(securityManager.loadRoleServiceConfig(getRORoleServiceName()));
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public GeoServerDigestPasswordEncoder getDigestPasswordEncoder() {
        return getSecurityManager().loadPasswordEncoder(GeoServerDigestPasswordEncoder.class);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public GeoServerPBEPasswordEncoder getPBEPasswordEncoder() {
        return getSecurityManager().loadPasswordEncoder(GeoServerPBEPasswordEncoder.class, (Boolean) null, false);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public GeoServerPlainTextPasswordEncoder getPlainTextPasswordEncoder() {
        return getSecurityManager().loadPasswordEncoder(GeoServerPlainTextPasswordEncoder.class);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void activateROUGService() throws Exception {
        MemoryUserGroupServiceConfigImpl memoryUserGroupServiceConfigImpl = new MemoryUserGroupServiceConfigImpl();
        memoryUserGroupServiceConfigImpl.setName(getROUserGroupServiceName());
        memoryUserGroupServiceConfigImpl.setClassName(ReadOnlyUGService.class.getName());
        memoryUserGroupServiceConfigImpl.setPasswordEncoderName(getDigestPasswordEncoder().getName());
        memoryUserGroupServiceConfigImpl.setPasswordPolicyName("default");
        getSecurityManager().saveUserGroupService(memoryUserGroupServiceConfigImpl);
        this.ugService = getSecurityManager().loadUserGroupService(getROUserGroupServiceName());
        this.ugService.initializeFromConfig(memoryUserGroupServiceConfigImpl);
        this.ugService.setSecurityManager(GeoServerApplication.get().getSecurityManager());
        this.ugStore = new MemoryUserGroupStore();
        this.ugStore.initializeFromService(this.ugService);
        this.ugTest.insertValues(this.ugStore);
        this.ugStore.store();
        this.ugStore = null;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void deactivateROUGService() throws Exception {
        GeoServerSecurityManager securityManager = getSecurityManager();
        if (securityManager.listUserGroupServices().contains(getROUserGroupServiceName())) {
            securityManager.removeUserGroupService(securityManager.loadUserGroupServiceConfig(getROUserGroupServiceName()));
        }
    }

    public void executeModalWindowClosedCallback(ModalWindow modalWindow) {
        for (AbstractAjaxBehavior abstractAjaxBehavior : modalWindow.getBehaviors()) {
            if ((abstractAjaxBehavior instanceof AbstractDefaultAjaxBehavior) && abstractAjaxBehavior.getClass().getSimpleName().startsWith("WindowClosedBehavior")) {
                tester.executeBehavior(abstractAjaxBehavior);
            }
        }
    }

    public void executeModalWindowCloseButtonCallback(ModalWindow modalWindow) {
        for (AbstractAjaxBehavior abstractAjaxBehavior : modalWindow.getBehaviors()) {
            if ((abstractAjaxBehavior instanceof AbstractDefaultAjaxBehavior) && abstractAjaxBehavior.getClass().getSimpleName().startsWith("CloseButtonBehavior")) {
                tester.executeBehavior(abstractAjaxBehavior);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void initializeServiceRules() throws IOException {
        ServiceAccessRuleDAO serviceAccessRuleDAO = ServiceAccessRuleDAO.get();
        serviceAccessRuleDAO.getRules();
        serviceAccessRuleDAO.addRule(new ServiceAccessRule("wms", "GetMap", new String[]{"ROLE_AUTHENTICATED"}));
        serviceAccessRuleDAO.addRule(new ServiceAccessRule("wms", "*", new String[]{"ROLE_WMS"}));
        serviceAccessRuleDAO.addRule(new ServiceAccessRule("wfs", "GetFeature", new String[]{"ROLE_AUTHENTICATED"}));
        serviceAccessRuleDAO.addRule(new ServiceAccessRule("wfs", "*", new String[]{"ROLE_WFS"}));
        serviceAccessRuleDAO.addRule(new ServiceAccessRule("*", "*", new String[]{GeoServerRole.ADMIN_ROLE.getAuthority()}));
        serviceAccessRuleDAO.storeRules();
    }

    protected void initializeDataAccessRules() throws IOException {
        DataAccessRuleDAO dataAccessRuleDAO = DataAccessRuleDAO.get();
        dataAccessRuleDAO.getRules();
        dataAccessRuleDAO.addRule(new DataAccessRule("*", "*", AccessMode.WRITE, new String[]{GeoServerRole.ADMIN_ROLE.getAuthority()}));
        dataAccessRuleDAO.addRule(new DataAccessRule(MockData.CITE_PREFIX, "*", AccessMode.READ, new String[]{"ROLE_AUTENTICATED"}));
        dataAccessRuleDAO.addRule(new DataAccessRule(MockData.CITE_PREFIX, MockData.LAKES.getLocalPart(), AccessMode.WRITE, new String[]{"ROLE_WMS,ROLE_WFS"}));
        dataAccessRuleDAO.addRule(new DataAccessRule(MockData.CITE_PREFIX, MockData.BRIDGES.getLocalPart(), AccessMode.WRITE, new String[]{"ROLE_WMS,ROLE_WFS"}));
        dataAccessRuleDAO.storeRules();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean testErrorMessagesWithRegExp(String str) {
        Iterator it = tester.getMessages(400).iterator();
        while (it.hasNext()) {
            if (((Serializable) it.next()).toString().matches(str)) {
                return true;
            }
        }
        return false;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void createUserPasswordAuthProvider(String str, String str2) throws Exception {
        UsernamePasswordAuthenticationProviderConfig usernamePasswordAuthenticationProviderConfig = new UsernamePasswordAuthenticationProviderConfig();
        usernamePasswordAuthenticationProviderConfig.setName(str);
        usernamePasswordAuthenticationProviderConfig.setClassName(UsernamePasswordAuthenticationProvider.class.getName());
        usernamePasswordAuthenticationProviderConfig.setUserGroupServiceName(str2);
        getSecurityManager().saveAuthenticationProvider(usernamePasswordAuthenticationProviderConfig);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public AbstractSecurityPage initializeForRoleServiceNamed(String str) {
        initializeForService(str, "roleServices");
        return tester.getLastRenderedPage();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public AbstractSecurityPage initializeForUGServiceNamed(String str) {
        initializeForService(str, "userGroupServices");
        return tester.getLastRenderedPage();
    }

    private void initializeForService(String str, String str2) {
        UserGroupRoleServicesPage userGroupRoleServicesPage = new UserGroupRoleServicesPage();
        tester.startPage(userGroupRoleServicesPage);
        tester.assertRenderedPage(userGroupRoleServicesPage.getPageClass());
        Iterator items = userGroupRoleServicesPage.get("panel:panel:" + str2).get(AbstractListPageTest.ITEMS_PATH).getItems();
        while (items.hasNext()) {
            Item item = (Item) items.next();
            if (str.equals(((SecurityNamedServiceConfig) item.getModelObject()).getName())) {
                tester.clickLink(item.getPageRelativePath() + ":itemProperties:0:component:link");
            }
        }
    }
}
